problem with Server Configuration

Aggelidis Nikos aggelidis.news at gmail.com
Thu Jan 22 13:59:33 CET 2009


hi to all the list i 've install  freeradius-server-2.1.3. I've build
it from source to enable EAP support.

I configure it like this:

./configure 	--with-rlm_eap_tls --with-rlm_eap_ttls
	--with-rlm_eap_peap --with-rlm_eap_tnc 	--without-rlm_otp
--with-openssl --with-rlm_eap_ikev2

When i try to connect using EAP everything works ok! But when i try to
connect using TTLS it fails. Here is the output:

...
...
....
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
[mschap] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
++[mschap] returns ok
[suffix] No '@' in User-Name = "nanouser", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.
Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = MSCHAP
+- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured.  Cannot create LM-Password.
[mschap] No Cleartext-Password configured.  Cannot create NT-Password.
[mschap] Told to do MS-CHAPv2 for nanouser with NT-Password
[mschap] FAILED: No NT/LM-Password.  Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
Failed to authenticate the user.
} # server
[ttls] Got tunneled reply code 3
        MS-CHAP-Error = "\004E=691 R=1"
[ttls] Got tunneled Access-Reject
[eap] Handler failed in EAP/ttls
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> nanouser
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 26 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 26
Sending Access-Reject of id 0 to 192.168.3.244 port 2056
        EAP-Message = 0x04080004
        Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 4.9 seconds.

Any ideas why this is happening?

also i read that you can connect to your radius server using
localhost... without using an AP, how can i do this?

thanks in advance for your time,
-nicolas



More information about the Freeradius-Users mailing list